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PROTECTION OF DATA ON MEDIA RECORDING DISKS 
FIELD OF THE INVENTION 

The present invention relates generally to securing transfer of information 
between a media recording disk and a media recording disk player by means of an electronic 
security chip attached to the media recording disk, the chip communicating with the disk player 
via encrypted communication. 

BACKGROUND OF THE INVENTION 

The problem of protecting creative works stored on data recording media, such 
as movies or other home entertainment video programs which are distributed to a large number 
of users, is very well known. Preventing copying works recorded in digital format is 
particularly challenging and troublesome because digitally recorded works can be easily copied 
with virtually no degradation in quality. Indeed when the first DVD systems were sold, the 
content providers were reluctant to make full use of the new technology for fear of easy, 
degradation-free copying. The problem is becoming more acute since the quality of optical 
media is improving from OF (in conventional CD's with MPEG-1) to MPEG-2 MP@ML (in 
current DVD) to HDTV (in future optical memory devices). This problem will be even greater 
when re-writable DVD-RAM becomes available. 

The DVD industry has proposed a minimal security system in which the creative 
work is encrypted and decryption keys are stored in a dedicated location on the disk; During 
reading, the keys are read and used to decrypt a data stream, but the decrypted stream is not 
made available to the user in its compressed format. The result is that the user cannot write a 
clear data stream into a writable disk unless the data stream is compressed again which reduces 
image quality. However, there are doubts about the efficiency of this approach. The main 
limitation is that this method does not provide any way of dynamically allocating rights. to the 
creation, thereby making it impossible to have time-limited renting. Another drawback is that 
the success of this method depends on the secrecy of the DVD encryption which cannot be 
expected to be kept secret a very long time. Another limitation is that this method does not 
differentiate between the rights of disk owners. 

In another approach, called the Divx™ system, the DVD player has full 
responsibility for managing the viewer's rights. The player calls a central Divx™ computer via 
a phone line to get new rights, or to report on the disk use. The encryption used is proprietary. 
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The main disadvantage of both of the above methods is that security can be 
breached once the encryption algorithm is known merely by reading the disk content. 

Attempts have been made in the art to provide a more secure media recording 
disk. PCT patent application WO 97/41562, published November 6, 1997, the disclosure of 
5 which is incorporated herein by reference, describes a CD with a built-in chip. The CD has a 
layer for data storage in which is embedded a chip and CD coupling element for contact-free 
transmission of data between the chip and a data processing device. The CD coupling element 
may be a coil, dipole antenna, an electrostatic coupling surface or an optical coupling element. 
The chip can be a processor chip on which algorithms can be run or security structures can be 

10 realized in order to protect software or prevent access to data on the CD. In one example 
described in the WO 97/41562 patent application, an inquiry can be made from the CD player 
via the CD coupling element to the chip regarding a password which is required to run a 
program or to retrieve privileged information. The inquiry can be concerned with a key or 
algorithm required to decode a program code. 

15 Although the system of the WO 97/41562 patent application contemplates 

protecting creative works stored on CD's by providing the chip embedded in the CD with 
security algorithms, no enabling description, however, is provided regarding the exact nature 
of how such security algorithms actually work. Moreover, the problem of security being 
breached by listening to the communication between the chip on the disk and the player is not 

20 addressed at all in the WO 97/41562 patent application. 

An earlier German patent document 4403206 describes a CD with an integrated 
smart chip on its outer surface. The chip contains encoding data for accessing data on the disk. 
Again the problem of security being breached by listening to the communication between disk 
and player is not addressed in this document. 

25 Encryption technology is a well known method for restricting the ability to 

make illegal copies of software or programs stored on recording media and for securing 
authorization of use of software, such as from an authorized distributor. Two relevant 
examples of such implementation of encryption technology are US Patents 4,658,093 to 
Hellman and 5,416,840 to Cane et al., the disclosures of which are incorporated herein by 

30 reference. 

Hellman describes a system for secure distribution of software between a base 
unit which uses the software and a remote authorization unit which authorizes use of the 
software in the base unit. Compressive, one-way cryptological functions, known as hash 
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functions, are used to secure communication between the base unit and the remote 
authorization unit, the communication being non-real time by telephone line, mail or the like. 
The base unit communicates requests to the authorization unit. The authorization unit 
processes the request and generates a key which is recognized in the base unit, thereby 
allowing use. of the software. Cane et al. also requires generating an authorization key in a 
remote authorization center. However, the use of non-real time communication with a 
remotely-located authorization center is not practical for the problem of securing use of home- 
distributed CD's used with CD players and for preventing any security breach between the CD 
and the CD player. 

Thus, the encryption techniques of the prior art, even when combined with 
using a chip on the disk, are not sufficient to solve the problem of security breaches by 
listening to the communication between disk and player. 1 

SUMMARY OF THE INVENTION 

The present invention seeks to provide an improved method of securing transfer 
of information between a media recording disk and a media recording disk player by means of 
an electronic security chip attached to the media recording disk. The disk chip is responsible 
for managing access to the disk's content. A corresponding chip is installed in the disk player 
that manages the use of the data stream, according to the legitimate rights of the user. The 
present invention uses novel encrypted communication between the chip and the disk player so 
as to provide a level of security that substantially cannot be breached by listening to the 
communication between disk and player. 

The content on the disk is encrypted with a known algorithm, with a key stored 
in encrypted entitlement control messages (ECM's) in the disk data stream. The on-disk 
security chip is similar to a contactless smart card chip (similar to that defined in ISO 14443). 
It is embedded in the plastic in such a way that it does not compromise the mechanical balance 
of the disk. It is programmed and personalized so that each disk has a different security chip. 

The on-disk security chip performs an authentication process with the player 
chip, making sure that the creation is performed in a legitimate player. After this authentication 
is successful, the on-disk security chip checks disk-specific authorizations, such as if the viewer 
allowed to see portions of the disk, which portions, how many times, for how long, etc. 

The on-disk security chip then agrees to deliver keys that are used to decrypt 
the ECM's, in the player security chip. The player then decrypts the regular data stream. The 
player is built such that the decrypted, compressed data stream is strictly internal, and cannot 



be probed. This prevents writing clear, still compressed data stream on another disk (of 
whatever type, magnetic, optical, etc.). After decompression, the need for re-compression will * 
decrease the quality of signal, thereby not posing any security problem. 

It is noted that throughout the specification and claims the terms media 

5 recording disk, optical disk, DVD and CD are used interchangeably for the sake of 
convenience. However, it is emphasized that the present invention is not limited to optical 
disks. Rather the present invention can be equally carried out with any kind of media recording 
disk, optical or non-optical, even floppy (5.25 inch) or stiffy (3.5 inch) disks, as will- be. 
appreciated by those skilled in the art. 

10 There is thus provided in accordance with a preferred embodiment of the 

present invention a secure recording medium having at least one of audio, video and software 
content, including a plurality of media recording disks (DVD's) with a disk security chip 
embedded in each the DVD, each the disk chip including a security key, wherein at least two of 
the DVD's have different disk security keys. 

15 In accordance with a preferred embodiment of the present invention the at least 

two of the DVD's have common content recorded therein. 

Further in accordance with a preferred embodiment of the present invention the 
medium has audio content and video content and the security key is different for audio* content 
than for video content. 

20 Additionally in accordance with a preferred embodiment of the present 

invention a first antenna is disposed in the DVD which is in electrical communication with the 
disk security chip. 

Still further in accordance with a preferred embodiment of the present invention 
the DVD is substantially statically balanced. Preferably the DVD is substantially dynamically 
25 balanced. 

In accordance with a preferred embodiment of the present invention there is 
also provided a DVD player, the player including a second antenna which is in wireless 
communication with the first antenna. 

Additionally in accordance with a preferred embodiment of the present 
30 invention there is provided a player security chip which is in electrical communication with the 
second antenna. 

Further in accordance with a preferred embodiment of the present invention the 
player security chip decrypts data received from the disk security chip. 
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Still further in accordance with a preferred embodiment of the present invention 
the player security chip is integrated into a circuit of an integrated receiver decoder of the. 
DVD player. 

In accordance with a preferred embodiment of the present invention the player 
security chip is detachable from the DVD player. Preferably the player security chip is 
generally tamper-resistant, clone-resistant and upgradable. Preferably the player security chip is 
backwardly compatible with a previous version of at least one of the player security chip and - 
the disk security chip. 

Additionally in accordance with a preferred embodiment of the present 
invention the player security chip performs an authentication process with the disk security 
chip. 

Further in accordance with a preferred embodiment of the present invention the 
player security chip verifies legitimacy of the disk security chip by means of a function of a 
geometric property of the DVD. 

Still further in accordance with a preferred embodiment of the present invention 
the function is selected from the group consisting of a function of an angle between layers of 
the DVD, a diameter of the DVD, a thickness of the DVD and an eccentricity of the DVD. 

In accordance with a preferred embodiment of the present invention the disk 
security chip performs an authentication process with the player security chip. 

Additionally in accordance with a preferred embodiment of the present 
invention the authentication process includes a mutual zero-knowledge interaction 
authentication process. 

There is also provided in accordance with a preferred embodiment of the 
present invention a secure recording medium including a media recording disk (DVD) with a 
disk security chip embedded therein, characterized by the DVD being substantially statically 
balanced. Preferably the DVD is substantially dynamically balanced. 

There is also provided in accordance with a preferred embodiment of the 
present invention a secure recording medium including a media recording disk (DVD) with a 
disk security chip embedded therein, a first antenna disposed in the DVD which is in electrical 
communication with the disk security chip, and a DVD player, the player including a second 
antenna which is in wireless communication with the first antenna, characterized in that the 
secure recording medium further includes a player security chip in electrical communication 



with the second antenna. Preferably the player security chip decrypts data received from the 
disk security chip. 

There is also provided in accordance with a preferred embodiment of the 
present invention a secure recording medium including a media recording disk (DVD) with a 
disk security chip embedded therein, a first antenna disposed in the DVD which is in electrical 
communication with the disk security chip, a DVD player, the player including a second 
antenna which is in wireless communication with the first antenna, and a player security chip in 
electrical communication with the second antenna, characterized by the player security chip 
verifying legitimacy of the disk security chip by means of a function of a geometric property of 
the DVD. 

There is also provided in accordance with a preferred embodiment of the 
present invention a secure recording medium including a media recording disk (DVD) with a 
disk security chip embedded therein, a first antenna disposed in the DVD which is in electrical 
communication with the disk security chip, a DVD player, the player including a second 
antenna which is in wireless communication with the first antenna, and a player security chip in 
electrical communication with the second antenna, characterized by an authentication process 
being performed between the player security chip and the disk security chip. 

There is also provided in accordance with a preferred embodiment of the 
present invention a method for protecting access to content recorded on a media recording 
disk (DVD), including providing a disk security chip on the DVD, the disk security chip 
managing access to the content of the DVD, providing a corresponding player security chip in 
a DVD player which is operative to play the DVD, the player security chip managing use of a 
data stream received from the DVD, the disk security chip being in wireless communication 
with the player security chip, and providing the disk security chip with a disk key not known to 
a disk manufacturer. 

There is also provided a method for protecting access to content recorded on a 
media recording disk (DVD), including providing a disk security chip on the DVD, the disk 
security chip managing access to the content of the DVD, providing a corresponding player 
security chip in a DVD player which is operative to play the DVD, the player security chip 
managing use of a data stream received from the DVD, the disk security chip being in wireless 
communication with the player security chip, and providing a player key common to a plurality 
of the DVD players during a predetermined period of time. 



In accordance with a preferred embodiment of the present invention the method 
includes encrypting contents of the DVD with a content key. 

Additionally in accordance with a preferred embodiment of the present 
invention the method includes performing an authentication process between the disk security 
chip and the player security chip. Preferably the authentication process includes a mutual zero- 
knowledge interaction authentication process. 

Further in accordance with a preferred embodiment of the present invention the. 
disk security chip, after assuring that the DVD player is authentic, sends the DVD player the 
disk key. 

Still further in accordance with a preferred embodiment of the present invention 
the disk security chip, after assuring that the DVD player is authentic, sends the DVD player 
the disk key encrypted with the player key. 

In accordance with a preferred embodiment of the present invention the player 
security chip verifies legitimacy of the disk key as a function of a geometric property of the 
DVD. 

Additionally in accordance with a preferred embodiment of the present 
invention the DVD is a multi-layer DVD and the geometric property is an angle between layers 
of the DVD. 

Further in accordance with a preferred embodiment of the present invention the 
method includes the player security chip sending a random number R to the disk security chip, 
the random number R being different each time the DVD is played, the disk security chip 
sending the player security chip an encrypted concatenation of a hash function of R, called 
h(R), and the content key, encrypted with the disk key, the player security chip decrypting the 
concatenation, and computing h(R) and comparing with the h(R) sent by the disk security chip, 
the player security chip verifying R to be. correct, thereby certifying that the disk chip really 
knows the player key, the player security chip obtaining content key from the concatenation, 
and the player security chip using the content key to decrypt control words that are located 
within ECM's in the DVD. 

There is also provided in accordance with a preferred embodiment of the 
present invention a method for protecting access to content recorded on a media recording 
disk (DVD), including providing a disk security chip on the DVD, the disk security chip 
managing access to the content of the DVD, providing a corresponding player security chip in 
a DVD player which is operative to play the DVD, the player security chip managing use of a 



data stream received from the DVD, the disk security chip being in wireless communication 
with the player security chip, and performing an authentication process between the disk 
security chip and the player security chip. Preferably the authentication process includes a 
mutual zero-knowledge interaction authentication process. 

There is also provided in accordance with a preferred embodiment of the 
present invention a method for protecting access to content recorded on a media recording 
disk (DVD), including providing, a disk security chip on the DVD, the disk security chip 
managing access to the content of the DVD, providing a corresponding player security chip in 
a DVD player which is operative to play the DVD, the player security chip managing use of a 
data stream received from the DVD, and communicating information from the player security 
chip to the disk security chip by illuminating selected tracks on the DVD that are covered with 
photo-sensitive materials, whereby the disk security chip monitors the illuminated tracks, that 
are illuminated by the laser head. 

Additionally in accordance with a preferred embodiment of the present 
invention the method includes communicating information from the disk security, chip by 
covering the laser-head illumination tracks on the DVD with a voltage-controlled semi-opaque 
material, and then using the disk security chip to control opacity of the semi-opaque material 
by appropriately controlling a voltage thereat, the degree of opacity being used to 
communicate the information from the disk security chip to the player security chip. 

There is also provided in accordance with a preferred embodiment of the 
present invention a method for protecting access to content recorded on a media recording 
disk (DVD), including providing a DVD with content recorded thereon which is to be 
protected, providing a disk security chip on a media recording disk different from the DVD, 
the disk security chip managing access to the content of the DVD, and providing a 
corresponding player security chip in a DVD player which is operative to play the DVD, the 
player security chip managing use of a data stream received from the DVD, the disk security 
chip being in wireless communication with the player security chip. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention will be understood and appreciated more fully from the 
following detailed description, taken in conjunction with the drawings in which: 

Fig. 1 is a simplified block diagram of a secure communications system between 
a DVD, with a chip embedded therein, and a DVD player, constructed and operative in 
accordance with a preferred embodiment of the present invention; 
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Fig. 2 is a simplified top view illustration of the DVD of Fig. 1 in accordance 
with a preferred embodiment of the present invention; 

Fig. 3 is a simplified sectional illustration of the DVD of Fig. 1, taken along 

lines III-III in Fig. 2; 

Fig. 4 is a simplified flow chart of operation of the secure communications 
system of Fig. 1, in accordance with a preferred embodiment of the present invention; and 

Fig. 5 is a simplified block diagram of content reading transactions between the 
DVD and the DVD player of Fig. 1, in accordance with a preferred embodiment of the present 
invention. 

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT 
Reference is now made to Fig. 1 which illustrates a secure communications 
system 10 between a DVD 12 and a DVD player 14, constructed and operative in accordance 
with a preferred embodiment of the present invention. A disk chip 16 (i.e., silicon device or 
integrated circuit) is embedded in DVD 12, as will be described hereinbelow with reference to 
Figs. 2 and 3. A player chip 18 is provided in DVD player 14. 

Before elaborating on the provision of player chip 18 in DVD player 14, it is 
first helpful to understand a preferred implementation of the present invention, namely, 
subscriber television systems. (However, it should be emphasized that the present invention is 
certainly not limited merely to such television systems.) In subscriber satellite television 
systems, as is known in the art, digital video signals are typically encoded by means of digital 
video compression, such as in accordance with ISO 13818, commonly referred to in the art as 
the MPEG standard. The encrypted television signals are transmitted together with a 
conditional access stream which contains, inter alia, entitlement control messages (ECM's), 
decryption key information and the encoded digital video signals. Encrypted television signal 
systems are described, for example, in U.S. Patents 5,282,249 and 5,481,609 to Cohen et al., 
the disclosures of which are incorporated herein by reference. An integrated receiver decoder 
(IRD) receives the encrypted signal and uses the decryption key information to decode the 
ECM's which determine whether the viewer is authorized to view the particular broadcast. 

In a preferred embodiment of the present invention, particularly useful for such 
encrypted television signal systems, player chip 18 is integrated with an IRD 22, such as being 
integrated into the MPEG-2 decoder integrated chip. In a preferred construction, player chip 
18 interfaces with a descrambler 15. Descrambler 15 descrambles the conditional access stream 
contained in the received television signals, and outputs the descrambled information via a 



demultiplexer 17 to a video/audio decoder 20 which outputs analog video and analog audio 
signals. Integrating player chip 18 into the MPEG-2 decoder integrated chip ensures that the 
scrambling keys and the clear data stream are not accessible from the outside because the 
decrypted, compressed data stream is strictly internal, and cannot be probed. This prevents 
writing clear, still compressed data stream on another disk (of whatever type, magnetic, 
optical, etc.)- After decompression, the need for re-compression decreases the quality of signal. 

Player chip 18 is most preferably easily removable or detachable from the circuit 
board, such as being mounted on a carrier plug which is soldered to the board. Chip 18 is 
preferably constructed to be as secure as possible so as to prevent reverse-engineering or 
cloning. Tamper-resistant or copy-resistant chip layout and packaging techniques, which are 
known in the art, should be used to construct chip 18. It is also desirable to make chip 18 
upgradable so as to allow replacing chip 18 with an upgraded version at certain time intervals, 
all the time maintaining backward compatibility. 

It is noted that although disk chip 16 contains a secret key as will be described 
hereinbelow, nevertheless the need for security is not as important as that of chip 18. This is 
because an attempted attack on chip 16 is aimed at only one creation. To prevent this kind of 
attack, it may be sufficient to use batches of disks that are scrambled using different keys. For 
example, a creation sold in 10,000 units, may be manufactured as 20 batches of 500 units each. 
Since each batch has its own keys, a breach in chip security will not help for disks that are 
manufactured in other batches, but only for clones. Of course, chip 16 may also be 
manufactured with tamper-resistant or copy-resistant chip layout and packaging techniques. 

An antenna 24 is embedded in DVD 12, as will be described hereinbelow with 
reference to Figs. 2 and 3. Antenna 24 is in wireless communication with a corresponding 
antenna 26 in DVD player 14. Antenna 26 is preferably disposed in a pressure disk 28 which 
makes up part of the clamping mechanism which clamps DVD 12 in DVD player 14. Such 
clamping mechanisms with pressure disks are well known in the art and need no further 
explanation. Antenna 26 may be attached to pressure disk 28 in any suitable manner, such as in 
accordance with the teachings of PCT patent application WO 97/41562. The exact attachment 
and placement of antenna 26 is not essential to the present invention, and antenna 26 may be 
packaged in any other suitable portion of DVD player 14, as long as it is in good wireless 
communication with antenna 24. 

Reference is now made to Figs. 2 and 3 which illustrate the structure of DVD 
12 with chip 16 and antenna 24. DVD 12 includes an information-carrying layer 30 which is 
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typically formed by injection-molding of a plastic. A central hole 32 is formed in DVD 12 and a 
recess 34 is formed in layer 30, either in the molding step or afterwards such as by milling,. 
Chip 16 and antenna 24 are embedded in recess 34, such as by bonding or any other suitable - 
means. Chip 16 and antenna 24 may be placed separately in recess 34, or most preferably, 
manufactured as a single module 36 which is embedded in recess 34. Recess 34 is located in an 
area of DVD 12 not used for data storage: Antenna 24 is preferably made of conductive wires 
that are printed on layer 30, with. measures taken to prevent scratching of the layer. A metal 
layer 38 is preferably vaporized onto layer 30 and an overcoat of a protective material 40, such '' 
as paint, is applied over layer 3 8. 

It is a particular feature of the present invention that chip 16, or the entire 
module 36 when packaged as such a module, is embedded in recess 34 such that the static 
balance of DVD 12 is maintained. This may be accomplished by proper selection of materials 
used to construct chip 16, antenna 24 and/or module 36, together with proper sizing of recess 
34 to maintain static balance of the entire DVD 12. Alternatively, a counterweight 42 may be 
placed opposite to chip 16 to preserve static balance. Although not normally done for thin 
disks like DVD's, nevertheless it may be advantageous to place counterweight 42 (or 
configure chip 16, antenna 24, module 36 and recess 34) such that DVD 12 is also 
dynamically balanced. Techniques of achieving dynamic balance are well known in mechanical 
engineering. It should be noted that static or dynamic balancing is not taught or shown in PCT 
patent application WO 97/41562. 

As taught in PCT patent application WO 97/41562, the concentricity of module 
36 about central hole 32 should be accurate. 

Antenna 24 is in electrical communication with chip 16 and antenna 26 is in 
electrical communication with chip 18, such as by wiring, vias or electrical contacts, thereby 
effecting close-range contactless radio communication between chips 16 and 18. Antennas 24 
and 26 are typically formed as coils, although any type of antenna may be used as well. 
Antennas 24 and 26 have two purposes: first, to allow the passing of power supply from the 
player to disk chip 16, and second, to allow digital communication between disk chip 16 and 
player chip 18. High frequency, low power radio waves are preferably used for this purpose. 

As an alternative to the radio communication described above, it is possible to 
optically provide contactless power supply and communication between disk chip 16 and 
player chip 18. As an example, power can be supplied by a light source which directs light to a 
photovoltaic cell. Communication to disk chip 16 can be achieved by illuminating selected 
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tracks on disk 12 that: are covered with , photo-sensitive materials, whereby disk chip 16 
monitors the tracks that are illuminated by the laser head. Communication from disk chip 16 
can be accomplished by covering the laser-head illumination tracks on the disk with voltage- 
controlled semi-opaque materials, such as liquid crystals, located upon a reflective material. 
Disk chip 16 can then control the opacity of the semi-opaque material by appropriately 
controlling the voltage, the degree of opacity being used to communicate the desired 
information from disk chip 16 to player chip 18. It should be noted that this method does not 
require any modification of existing disk players, except for the addition of a conventional light 
source in the device. 

Reference is now made to Fig. 4 which is a simplified flow chart of operation of 
the secure communications system of Fig. 1, in accordance with a preferred embodiment of the 
present invention. The description which follows also refers to Fig. 5 which is a simplified 
block diagram of content reading transactions between DVD 12 and DVD player 14, in 
accordance with a preferred embodiment of the present invention. 

An authorization center issues a player key (Kp), common to all DVD players 
14 during a predetermined period (step 100). Each player 14 is provided with key Kp (step 
102), this key being valid until chip 18 is replaced. Player key Kp should be attributed and 
validated by the authorization center in an hierarchical manner. Kp is known to all DVD 
players 14 and disk manufacturers at a given time. When player chip 18 is replaced, the new 
version should keep in memory previous versions Kp to allow old content playing (i.e., 
backward compatibility). 

The disk manufacturer encrypts the different sections of content of DVD 12 
with a set of random keys Krk, using an appropriate algorithm, such as DES or DVB common 
scrambling, that are of common use in commercial TV broadcast (step 103). These keys are 
encrypted with a content key (Kc) with a known algorithm, such as DES or RC-5, and 
included in the ECM's (step 104). Disk 12 is thus provided with an encrypted content 
E-DATA), and ECM's that include encrypted keys E K <(Krk) (step 106). Disk chip 16 is 
embedded in DVD 12, as described hereinabove (step 108). A disk key Kd, specific to each 
disk, is programmed in disk chip 16. It is noted that since one can wirelessly communicate with 
disk chip 16, one can program disk chip 16 even after packaging in a commercial shipment 
package, for example, if desired. 



Each finished DVD 12 preferably has its own individual key Kd, even though 
the plurality of DVD's may have common content, encrypted similarly with Krk and Kc (step 
110). 

It should be noted that separate, independent protection may be provided for 
each data stream, audio and visual, i.e., different keys, as well as for individual sections of the 
media recording disk. 

DVD 12 is now ready for insertion and playing in DVD player 14 (step Ml). 
First, in step 1 12, disk chip 16 performs an authentication process with player chip 18, making 
sure that the creation on DVD 12 is about to be played in a legitimate player. After this 
authentication is successful, chip 16 checks disk-specific authorizations, such as if the viewer 
is allowed to" see portions of DVD 12, which portions, how many times, for how long, etc. 
DVD 12 can refuse to play in a player that is not trustworthy. 

To provide a greater level of trust, mutual zero-knowledge interaction 
authentication sessions between disk and player may be held, such as the so-called Fiat-Shamir 
authentication methods taught in US Patent 4,748,668 to Shamir and Fiat, the disclosure of 
which is incorporated herein by reference. 

In step 114, disk chip 16, after assuring that DVD player 14 is authentic, sends 
Player chip 18 its own key Kd, encrypted with the known player key Kp, in the form of 
E Kp (Kd). The encryption algorithm may be DES or RC-5, for example. This data is preferably 
not computed by disk chip 16 in real time, but rather put into the chip during initialization. 

Player chip 18 may verify the legitimacy of the disk key Kd in any convenient 
manner. For example, an accurate measurement of a dimension (e.g., diameter, thickness or 
eccentricity) of the disk, such as to a level of accuracy of 0.001 mm, can be made of each disk 
by the disk manufacturer. The dimension may be used to generate a random number that will 
be digitally signed and stored in disk chip 16. As another example, if multi-layer disks are used, 
an angle of registration between the layers may randomly vary between disks with similar 
content, this angle being known by the disk manufacturer for each disk during routine quality 
control procedures. The angle between the layers may be used to generate a random number 
that will be digitally signed and stored in disk chip 16. In any case, player chip 18 is then able 
to verify that the disk manufacturer knows how to sign the disk, and therefore is authorized to 
sell disks. The above methods of legitimacy verification can be easily implemented by using the 
existing mechanisms in the laser head. 
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In step 116, player chip 18 sends a random number R to disk chip 16. The 
random number R may be generated in any convenient manner, such as a noisy diode serving 
as a random source of bits with appropriate discrimination to obtain the random binary output, 
as mentioned in US Patent 4,748,668. 

In step 118, disk chip 16 sends player chip 18 an encrypted concatenation of. a 
hash function of R and the content key Kc, encrypted with Kd, in the form of E K d{h(R) & Kc}. 
This way, one can assume that each time a disk is played, the Kc key is transmitted to player 
chip 18 in a different encryption, because random number R is different. Therefore, listening to 
contactless communication between DVD chip 16 and player chip 18 cannot circumvent the 
security system of the present invention, thereby solving the security problem that the prior art. 
does not solve. 

In step 120, player chip 18 decrypts the data, i.e., performs D K a{h(R) & Kc}. In 
parallel, player chip 18 computes h(R), based on the R previously generated in step 116. If 
both values of h(R) are equal, this means that the disk chip programmer knows Kp, because it 
had previously sent E^ p (Kd) in step 114, and the Kd key has been proven as adequate to 
decrypt h(R). This proves that the disk was manufactured by an authorized manufacturer. 
Player chip 18 then obtains Kc. 

In step 122, player chip 18 uses Kc to decrypt control words that are located 
within ECM's in DVD 12, i.e., performs D Kc (ECM), thereby permitting a user to commence 
enjoyment of the disk content. 

As a further example of the scope of the present invention, instead of 
embedding the disk security chip 16 in DVD 12, the security chip may be embedded on a 
media recording disk different and separate from DVD 12, such as a stiffy diskette, wherein the 
security chip 16 then wirelessly communicates with the player security chip as described 
hereinabove. In this case, the encryption information is on the diskette, not on the DVD which 
contains the content to be played in player 14. 

It will be appreciated by persons skilled in the art that the present invention is 
not limited by what has been particularly shown and described hereinabove. Rather the scope 
of the present invention includes both combinations and subcombinations of the features 
described hereinabove as well as modifications and variations thereof which would occur to a 
person of skill in the art upon reading the foregoing description and which are not in the prior 
art. 
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CLAIMS 

What is claimed is: 

"l. A secure recording medium having at least one of audio, video and software 

content, comprising a plurality of media recording disks (DVD's) with a disk security chip 
embedded in each said DVD, each said disk chip comprising a security key, wherein at least 
two of said DVD's have different disk security keys. 

2. The secure recording medium according to claim 1 and wherein said at least 
two of said DVD's have common content recorded therein. 

3. The secure recording medium according to claim 1 or claim 2. and wherein said 
medium has audio content and video content and said security key is different for audio 
content than for video content. 

4. The secure recording medium according to any of claims 1-3 and comprising a 
first antenna disposed in said DVD which is in electrical communication with said disk security 
chip. 

5. The secure recording medium according to any of claims 1-4 and wherein said 
DVD is substantially statically balanced. 

6. The secure recording medium according to any of claims 1-5 and wherein said 
DVD is substantially dynamically balanced. 

7. The secure recording medium according to any of claims 4-6 and further 
comprising a DVD player, said player comprising a second antenna which is in wireless 
communication with said first antenna. 

8. The secure recording medium according to claim 7 and further comprising a 
player security chip in electrical communication with said second antenna^ 

9. The secure recording medium according to claim 8 and wherein said player 
security chip decrypts data received from said disk security chip. 

10. The secure recording medium according to claim 8 or claim 9 and wherein said 
player security chip is integrated into a circuit of an integrated receiver decoder of said DVD 
player. 

1 1. The secure recording medium according to any of claims 8-10 and wherein said 
player security chip is detachable from said DVD player. 

12. The secure recording medium according to any of claims 8-1 1 and wherein said 
player security chip is generally tamper-resistant. 
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13. The secure recording medium according to any of claims 8-12 and wherein said 
player security chip is generally clone-resistant. 

14. The secure recording medium according to any of claims 8-13 and wherein said 
player security chip is upgradable. 

15. The secure recording medium according to any of claims 8-14 and wherein said 
player security chip is backwardly compatible with a previous version of at least one of said 
player security chip and said disk security chip. 

16 The secure recording medium according to any of claims 8-15 and. wherein said 

player security chip performs an authentication process with said disk security chip. 

17. The secure recording medium according to claim 16 and wherein said player 
security chip verifies legitimacy of said disk security chip by means of a function of a geometric 
property of said DVD. 

18. The secure recording medium according to claim 17 and wherein said function 
is selected from the group consisting of a function of an angle between layers of said DVD, a 
diameter of said DVD, a thickness of said DVD and an eccentricity of said DVD. 

19 The secure recording medium according to any of claims 8-18 and wherein said 

disk security chip performs an authentication process with said player security chip. 

20. The secure recording medium according to claim 19 and wherein said 
authentication process comprises a mutual zero-knowledge interaction authentication process. 

21. A secure recording medium comprising a media recording disk (DVD) with a 
disk security chip embedded therein, characterized by said DVD being substantially statically 
balanced. 

22. The secure recording medium according to claim 21 wherein said DVD is 
substantially dynamically balanced. 

23. A secure recording medium comprising: 

a media recording disk (DVD) with a disk security chip embedded therein; 

a first antenna disposed in said DVD which is in electrical communication with 

said disk security chip; and 

a DVD player, said player comprising a second antenna which is in wireless 

communication with said first antenna; 

characterized in that said secure recording medium further comprises a player 
security chip in electrical communication with said second antenna. 
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24. The secure recording medium according to claim 23 and wherein said player 
security chip decrypts data received from said disk security chip. . 

25. The secure recording medium according to claim 23 or claim 24 and wherein 
said player security chip is integrated into a circuit of an integrated receiver decoder of said 
DVD player. 

26. The secure recording medium according to any of .claims 23-25 and wherein 
said player security chip is detachable from said DVD player. 

271 The secure recording medium according to any of claims 23-26 and wherein 

said player security chip is generally tamper-resistant. 

28. The secure recording medium according to any of claims 23-27 and wherein 
said player security chip is generally clone-resistant. 

29. The secure recording medium according to any of claims 23-28 and wherein 
said player security chip is upgradable. 

30. The secure recording medium according to any of claims 23-29 and wherein 
said player security chip is backwardly compatible with a previous version of at least one of 
said player security chip and said disk security chip. 

31. The secure recording medium according to any of claims 23-30 and wherein 
said player security chip performs an authentication process with said disk security chip. 

32. A secure recording medium comprising: 

a media recording disk (DVD) with a disk security chip embedded therein; 

a first antenna disposed in said DVD which is in electrical communication with 
said disk security chip; 

a DVD player, said player comprising a second antenna which is in wireless 
communication with said first antenna; and 

a player security chip in electrical communication with said second antenna,- - 

characterized by said player security chip verifying legitimacy of said disk 
security chip by means of a function of a geometric property of said DVD. 

33. The secure recording medium according to claim 32 and wherein said function 
is selected from the group consisting of a function of an angle between layers of said DVD, a 
diameter of said DVD and a thickness of said DVD. 

34. A secure recording medium comprising: 

a media recording disk (DVD) with a disk security chip embedded therein; 
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a first antenna disposed in said DVD which is in electrical communication with 
said disk security chip; 

a DVD player, said player comprising a second antenna which is in wireless 
communication with said first antenna; and 

a player security chip in electrical communication with said second antenna, 

characterized by an authentication process being performed between said player 
security chip and said disk security chip. 

35. The secure recording medium according to claim 34 wherein said authentication 
process comprises a mutual zero-knowledge interaction authentication process. 

36. A method for protecting access to content recorded on a media recording disk 
(DVD), comprising: 

providing a disk security chip on the DVD, said disk security chip managing 
access to the content of the DVD; 

providing a corresponding player security chip in a DVD player which is 
operative to play the DVD, said player security chip managing use of a data stream received 
from the DVD, said disk security chip being in wireless communication with said player 
security chip; and 

providing said disk security chip with a disk key not known to a disk 

manufacturer. 

37. A method for protecting access to content recorded on a media recording disk 
(DVD), comprising: 

providing a disk security chip on the DVD, said disk security chip managing 
access to the content of the DVD; 

providing a corresponding player security chip in a DVD player which is 
operative to play the DVD, said player security chip managing use of a data stream received 
from the DVD, said disk security chip being in wireless communication with said player 
security chip; and 

providing a player key common to a plurality of said DVD players during a 
predetermined period of time. 

38. The method according to claim 36 or claim 37 and comprising encrypting 
contents of said DVD with a content key. 

39. The method according to any of claims 36-38 and comprising performing an 
authentication process between said disk security chip and said player security chip. 
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40. The method, according to claim 39 and wherein said authentication process 

comprises a mutual zero-knowledge interaction authentication process. 

41 The method according to any of claims 36-40 and wherein said disk security 

chip, after assuring that said DVD player is authentic, sends said DVD player said disk key. 

42. The method according to any of claims 36-40 and wherein said disk security 
chip, after assuring that said DVD player is authentic, sends said DVD player said disk key 

: encrypted with said player key. 

43. The method according to any of claims 36-42 and wherein said player security 
chip verifies legitimacy of said disk key as a function of a geometric property of said DVD. 

44. The method according to claim 43 and wherein said DVD is a multi-layer DVD 
and said geometric property is an angle between layers of said DVD. 

45. The method according to any of claims 36-44 and further comprising; 

said player security chip sending a random number R to said disk security chip, 
said random number R being different each time said DVD is played; 

said disk security chip sending said player security chip an encrypted 
concatenation of a hash function of R, called h(R), and said content key, encrypted with said 
disk key; 

said player security chip decrypting said concatenation, and computing h(R) and 
comparing with the h(R) sent by the disk security chip; 

said player security chip verifying R to be correct, thereby certifying that said 
disk chip really knows said player key; 

said player security chip obtaining content key from said concatenation; and 

said player security chip using said content key to decrypt control words that 
are located within ECM's in said DVD. 

46. A method for protecting access to content recorded on a media recording disk 
(DVD), comprising: 

providing a disk security chip on the DVD, said disk security chip managing 
access to the content of the DVD; 

providing a corresponding player security chip in a DVD player which is 
operative to play the DVD, said player security chip managing use of a data stream received 
from the DVD, said disk security chip being in wireless communication with said player 
security chip; and 
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performing an authentication process between said disk security chip and said 
player security chip. 

47 The method according to claim 46 and wherein said authentication process 

comprises a mutual zero-knowledge interaction authentication process. 

48. A method for protecting access to content recorded on a media recording disk 
(DVD), comprising: 

providing a disk security chip. on*, the DVD, said disk security chip managing 
access to the content of the DVD; 

providing a. corresponding player security chip in a DVD player which is 
operative to play the DVD, said player security chip managing use of a data stream received 
from the DVD; and 

communicating information from said player security chip to said disk security 
chip by illuminating selected tracks on said DVD that are covered with photo-sensitive 
materials, whereby said disk security chip monitors the illuminated tracks, that are illuminated 
by the laser head. 

49. The method according to claim 48 and further comprising . communicating 
information from said disk security chip by covering said laser-head illumination tracks' on said 
DVD with a voltage-controlled semi-opaque material, and then using said disk security chip to 
control opacity of the semi-opaque material by appropriately controlling a voltage thereat, the 
degree of opacity being used to communicate the information from said disk security chip to 
said player security chip. 

50. A method for protecting access to content recorded on a media recording disk 
(DVD), comprising: 

providing a DVD with content recorded thereon which is to be protected; 

providing a disk security chip on a media recording disk different from the 
DVD, said disk security chip managing access to the content of the DVD; and 

providing a corresponding player security chip in a DVD player which is 
operative to play the DVD, said player security chip managing use of a data stream received 
from the DVD, said disk security chip being in wireless communication with said player 
security chip. 

51. A secure recording medium having at least one of audio, video and software 
content, comprising a stiffy disk with a disk security chip embedded thereon, said disk chip 
comprising a security key. 
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52. A secure recording medium according to any of claims 1-35 and substantially as 
described hereinabove. 

53. A secure recording medium according to any of claims 1-35 and substantially as 
shown in any of the drawings. , 

54. A method according to any of claims 36-50 and substantially as described 
hereinabove. 

For the Applicant, 
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